07-14-2005 02:44 AM - edited 02-21-2020 01:52 PM
Hi all,
I need advice with the following problem.
I have PIX 515E with 3 interfaces inside,
DMZ and outside,vers 6.3(3).Is it possible to access DMZ over inside interface with IPSec from CISCO VPN client ? IPSec makes a tunnel,the client
has a new address from address pool,but
in the log I have a message : No translation found etc.. when I try to
reach any device in DMZ.The reason seems
to be with nat (dmz) 0 which should be from DMZ to inside (secu 50 to secu 0).Even if I use nat (dmz) 0 access-list remote outside it does not work.Any hints ?
Thanks
Zdenek
Solved! Go to Solution.
07-14-2005 03:15 AM
Hi,
Can you check if you are able to access DMZ from inside?? If yes, then u shud be able to access DMZ from the remote connection. This is because, once the VPN client gets the IP address of the inside pool, it is as good as it is in your inside LAN. You can try putting inside to DMZ natting... i mean to say put that nat 0 command for inside to DMZ... this will allow the access of DMZ machines from inside.
07-14-2005 03:15 AM
Hi,
Can you check if you are able to access DMZ from inside?? If yes, then u shud be able to access DMZ from the remote connection. This is because, once the VPN client gets the IP address of the inside pool, it is as good as it is in your inside LAN. You can try putting inside to DMZ natting... i mean to say put that nat 0 command for inside to DMZ... this will allow the access of DMZ machines from inside.
07-15-2005 06:20 AM
Hi,
I would like to thank you.My client received an IP address from local pool,let us to say 192.168.30.1
and wanted to connect to the server 172.20.2.2 in DMZ.I configured nat (dmz) 0 access-list test outside ,with access-list test perm ip host 172.20.2.2 host 192.168.30.1.No traffic.Then I configured nat (inside) 0 access-list nonat,where
access-list nonat was perm ip host 192.168.30.1 host 172.20.2.2 and sudennly is everything OK.
Thanks a lot.
Zdenek
07-15-2005 06:50 AM
Cool... thanks for the rating. happy networking.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide